<?php

// ##############################################################################||
// #                                                                 
// #   MySmartBB Version 1.7.0	                                      
// #   http://www.MySmartBB.com                                      
// #   Copyright (c) 2008 by MySmartBB team                           
// #   license http://opensource.org/licenses/gpl-license.php GNU Public License
// #                                                             
// #   filename : attach.php                                           
// #   download and show attachment files                                          
// #                                                                  
// ##############################################################################||

// ** General definitions **
     define('NO_STYLE',0);
     define('NO_HEADER',1);
     include('common.php');


// ** Download Attachment File **
     if ($_GET['download'] == 1)
     {
         if ($groupper_row['download_attach'] != 1)
         {
             $SF->error('المعذرة، غير مسموح لك بتحميل المرفقات',1);
         }

         if ($member_permission == 1)
         {
             if ($member_row['posts'] < $groupper_row['download_attach_number'])
             {
                 $SF->error('المعذرة، عدد مشاركاتك أقل من  ' . $groupper_row['download_attach_number'] . '!',1);
             }
         }

         $id = intval($_GET['id']);
         $getattachinfo   =   $DB->sql_query("SELECT * FROM " . $db_prefix . "attach WHERE id='" . $id . "'");
         $getattachrow    =   $DB->sql_fetch_array($getattachinfo);
         $file_ex         =   $SF->Get_file_extension($getattachrow['filename']);
         $update          =   $DB->sql_query("UPDATE " . $db_prefix . "attach SET visitor=visitor+1 WHERE id='" . $id . "'");
		 
//////////////////////////////////////////////////////////////////////

         //$file_ex = strtolower(substr(strrchr(($getattachrow['filename']),"."),1));
		   
            switch ($file_ex)
			 {
				
                case ".exe"  : 	$ctype="application/octet-stream";			break;
                case ".pdf"  : 	$ctype="application/x-pdf";			 		break;
                case ".rtf"  : 	$ctype="application/rtf";			 		break;
                case ".zip"  : 	$ctype="application/zip"; 					break;
                case ".rar"  : 	$ctype="application/x-rar-compressed ";		break;
                case ".doc"  : 	$ctype="application/msword"; 				break;
                case ".xls"  : 	$ctype="application/vnd.ms-excel";	 		break;
                case ".ppt"  : 	$ctype="application/vnd.ms-powerpoint"; 	break;
                case ".wmv"  : 	$ctype="video/x-ms-wmv"; 					break;
                case ".bmp"  : 	$ctype="image/x-ms-bmp";		 			break;
                case ".ai"   : 	$ctype="application/postscript";	 		break;
                case ".es"   : 	$ctype="application/postscript";	 		break;
                case ".eps"  : 	$ctype="application/postscript";	 		break;
                case ".gif"  : 	$ctype="image/gif"; 						break;
                case ".png"  : 	$ctype="image/png"; 						break;
                case ".jpg"  : 	$ctype="image/jpeg"; 						break;
                case ".jpe"  : 	$ctype="image/jpeg"; 						break;
                case ".jpeg" : 	$ctype="image/jpeg"; 						break;
                case ".txt"  : 	$ctype="text/plain";			 			break;
                case ".c"	 : 	$ctype="text/plain";			 			break;
                case ".c++"  : 	$ctype="text/plain";			 			break;
                case ".pl"   : 	$ctype="text/plain";			 			break;
                case ".cc"   : 	$ctype="text/plain";			 			break;
                case ".h"	 : 	$ctype="text/plain";			 			break;


// or default: $ctype="application/force-download";

				default		: 	$ctype="application/octet-stream"; 
            }
			
            	if (!file_exists($getattachrow['filepath']))
					{
             			$SF->error('المعذرة، الرابط المتبع خاطئ',1 );
            		}

// required for IE, otherwise Content-disposition is ignored

			if(ini_get('zlib.output_compression'))
			ini_set('zlib.output_compression', 'Off');


		$img_ex = array ('.jpg','.gif','.jpeg','.png','.bmp','.jpe');
		if (!in_array ($file_ex,$img_ex))
         {
				 
			header("Pragma: public");
			header("Expires: 0");
			header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
			header("Cache-Control: private",false);
			header("Content-Type: $ctype");
			header("Content-Disposition: attachment; filename=\"" . basename($getattachrow['filename']) . "\"" . $file_ex . "");
			header("Content-Transfer-Encoding: binary");
			header("Content-Length: " . @filesize($getattachrow['filename']) . "");
			$read = @readfile($getattachrow['filepath']) . $file_ex

         or die

             ("المعذرة، الرابط المتبع خاطئ");
		 
         }
         else
         {
			 echo '<div align="center">
					<table class="border" summary="جدول" border="1" cellspacing="1">
			 		<tr>
      					<td  class="thead" colspan="3"> ملف مرفق ' . $getattachrow['filename'] . '</td>
    				</tr>
			 		<tr>
						<td class="row1">
			 				<img src="' . $getattachrow['filepath'] . '" border="0">
						</td>
					</tr>
					</table>
				   </div>';
         }
	}

// ** Download Private Messages As A TXT file **

     elseif ($_GET['download_pm'] == 1)
     {
         if (empty($_GET['folder']))
         {
             $SF->error('المعذرة، الرابط المتبع خاطئ',1 );
         }

         if ($_GET['folder'] == 'sent')
         {
             $select = "user_from='" . $SF->SafeSQL($member_row['username']) . "'";
         }
         else
         {
             $select = "user_to='" . $SF->SafeSQL($member_row['username']) . "'";
         }

         $getpm_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "pm WHERE " . $select ." AND folder='" . $SF->SafeSQL($_GET['folder']) . "'");

         if ($DB->sql_num_rows($getpm_query) == 0)
         {
             $SF->msg('ليس هناك رسائل ليتم تحميلها');
         }
         else
         {
     $crlf = '
';		 
			 
			header("Pragma: public");
			header("Expires: 0");
			header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
			header("Cache-Control: private",false);
			header("Content-Type: text/plain");
			header("Content-Disposition: attachment; filename=\"" . $_GET['folder'] . "\".txt");
			header("Content-Transfer-Encoding: binary");
		 
			 

             echo '# نسخة من المجلد ' . $_GET['folder'] . ' للرسائل الخاصة ' . $crlf;
             echo '# عدد الرسائل : ' . $DB->sql_num_rows($getpm_query) . $crlf;
             echo $crlf . $crlf;

             $getpm_row = array();
             while ($getpm_row = $DB->sql_fetch_array($getpm_query))
             {

                 $text = eregi_replace("\[img]", '', $text);
                 $getpm_row['text'] = eregi_replace("\[/img]","", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[b]", "", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[i]", "", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[u]", "", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[/b]", "", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[/i]", "", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[/u]", "", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[SIZE=1]", "", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[SIZE=2]", "", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[SIZE=3]", "", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[SIZE=4]", "", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[SIZE=5]", "", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[/SIZE]", "", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[FONT=([^[]*)]", "", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[/FONT]", "", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[color=([^[]*)]","", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[/color]","", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[qu]","إقتباس", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[/qu]","نهاية إقتباس", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[quote]","إقتباس", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[/quote]","نهاية إقتباس", $getpm_row['text']);
                 $getpm_row['text'] = eregi_replace("\[code]","شفيرة برمجية", $getpm_row['text']);
                 $text = eregi_replace("\[/code]","نهاية شفيرة برمجية", $text);

                 echo '========# بداية الرسالة #========' . $crlf;
                 echo '# عنوان الرسالة : ' . $getpm_row['title'] . $crlf;
                 echo '# المرسل : ' . $getpm_row['user_from'] . $crlf;
                 echo '# محتوى الرسالة : ' . $crlf;
                 echo $getpm_row['text'];
                 echo $crlf . $crlf . '========# نهاية الرسالة #========';
                 echo $crlf . $crlf . $crlf;
             }
         }
     }

// ** Download Subject As A TXT file **

     elseif ($_GET['download_subject'] == 1)
     {
         $id = intval($_GET['id']);
         $subject_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE id='$id'");
         $subject_num   = $DB->sql_num_rows($subject_query);
         $subject_row   = $DB->sql_fetch_array($subject_query);

         if ($subject_num == 0)
         {
             $SF->error('المعذرة، الموضوع المطلوب غير موجود ',1);
         }

         if ($subject_row['delete_topic'] == 1 and $groupper_row['admincp_allow'] != 1)
         {
             $SF->error('هذا الموضوع منقول لسلّة المحذوفات',1);
         }

         $section_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE id='" . intval($subject_row['section']) . "'");
         $section_row   = $DB->sql_fetch_array($section_query);

         if ($member_permission != 0)
         {
             $group_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "sectiongroup WHERE group_id='" . $member_row['usergroup'] . "' AND section_id='" . $section_row['id'] . "'");
             $group_row   = $DB->sql_fetch_array($group_query);
         }

         if ($member_permission == 0)
         {
             $group_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "sectiongroup WHERE group_id='7' AND section_id='" . $section_row['id'] . "'");
             $group_row   = $DB->sql_fetch_array($group_query);
         }

         if ($group_row['view_section'] == 0)
         {
             $SF->error('المعذرة، لا يمكنك الاطلاع على هذا الموضوع',1);
         }
     $crlf = '
';

			header("Pragma: public");
			header("Expires: 0");
			header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
			header("Cache-Control: private",false);
			header("Content-Type: text/plain");
			header("Content-Disposition: attachment; filename=\"" . $subject_row['title'] . "\".txt");
			header("Content-Transfer-Encoding: binary");


         $text = $subject_row['text'];

         echo '# عنوان الموضوع : ' . $subject_row['title'];
         echo $crlf . $crlf . $crlf;
         echo $text;
     }

// ** Download Note As A TXT file **

     elseif ($_GET['download_note'] == 1)
     {
         if ($member_permission == 0)
         {
             $SF->error('لا يمكنك الوصول إلى هذه الصفحه');
         }

             $crlf = '
        ';

			header("Pragma: public");
			header("Expires: 0");
			header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
			header("Cache-Control: private",false);
			header("Content-Type: text/plain");
			header("Content-Disposition: attachment; filename=\"" . $member_row['username'] . "\".txt");
			header("Content-Transfer-Encoding: binary");

         $totalchr = strlen($member_row['user_notes']);

         $text = str_replace('
',$crlf,$member_row['user_notes']);

         echo '# نسخة من المذكرة الخاصة بـ ' . $member_row['username'] . $crlf;
         echo '# عدد حروف المذكرة: ' . $totalchr . $crlf;
         echo '# تاريخ تحميل المذكرة: ' . $date . $crlf;
         echo $crlf;
         echo '========# بداية المذكرة #========' . $note . $crlf;
         echo $member_row['user_notes'];
         echo $crlf . '========# نهاية المذكرة #========';
     }

?>